VDB
DEBIAN-CVE-2024-0607
DEBIAN-CVE-2024-0607
PUBLISHED
CVSS 6.599999904632568 MEDIUM
A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality.
Risk Scores
CVSS 3.1
6.599999904632568
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | linux | 0, 0, 0 |
| Debian:11 | linux | 5.10.149-2, 5.10.120-1~bpo10+1, 5.10.127-2 |
| Debian:12 | linux | 0, 6.1.37-1, 6.1.38-1 |
| Debian:13 | linux | 0, 0, 0 |
Timeline
- Jan 18, 2024 CVE Published
- Apr 28, 2026 CVE Updated